<?php
declare (strict_types = 1);

namespace app\middleware;

class CrossDomain
{
    public function handle($request, \Closure $next)
    {
        $response = $next($request);
        
        $response->header([
            'Access-Control-Allow-Origin' => '*',
            'Access-Control-Allow-Methods' => 'GET,POST,PUT,DELETE,OPTIONS',
            'Access-Control-Allow-Headers' => 'Authorization, Content-Type, X-Requested-With',
            'Access-Control-Max-Age' => 3600
        ]);

        if ($request->isOptions()) {
            $response->code(204);
        }

        return $response;
    }
}
